[Freedombox-discuss] FOAF+SSL concerns

[Erik Harmon]

Hi, my first message here.

There has been some talk of using FOAF+SSL. It seems like a good
system for many purposes, and I do believe it should be included, but
I have some concerns. The WebID concept looks tied to DNS and by
extension, hierarchical namespace. This presents a few problems, first
that Freedomboxes, at least some of them, are going to be organized in
a non-hierarchical organization of connected pods or web of trust. If
the user chooses to delegate their WebID url, they are going to be
reliant on a third party, which is what FreedomBox is trying to avoid.
If they want to host their webid on their Freedombox, they are going
to be obligated to join a hierarchical and probably public namespace.
Tying to IP isn't practical, as most of these are going to be on a
dynamic IP.

While FOAF+SSL is very appropriate for many users, FreedomBox owners
that wish to create discreet private connections (friends-only
networks, or perhaps activists) shouldn't have to rely on it. Not
saying the FreedomBox will, but I believe that should be kept in mind.
I believe it should be carefully considered before making any services
necessarily dependent on it.

Also, I see there has been some discussion in the past on the FOAF+SSL
mailing list regarding using DNS. The conclusion seemed to be that if
you are running on the public Internet, DNS is just how you navigate
it. While this is reasonable, this is a technical conclusion, and the
FreedomBox has different goals. First off it probably shouldn't be
dependent on an outside, centralized naming authority anywhere, and
secondly that recent events have shown us that DNS names are
susceptible to political wrangling, like DNS rerouting, national
blocks on domains and US government seizure of domain names. I see
this as a real problem for FreedomBox owners (I personally like the
term "owner" rather than consumer or user.)

I wanted to bring this up and see if the group has anything to say on this.

Thanks,
Erik